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We claim: 

1 1. A method for transferring data between a central 

2 controller and a first node of a plurality of remote 

3 network nodes over a digital data network having a passive 

4 optical network topology, the network connecting the 

5 central controller and the plurality of remote network 

6 nodes, the method comprising the steps of: 

7 discovering the first node by the central controller; 

Q 8 synchronizing the internal clock of the first node to 

9 the internal clock of the central controller; and 

M 10 transmitting uplink data from the first node to the 

Q 11 central controller in response to transmission 

y 

^■'^ 12 authorizations sent by the central controller to the first 

5 13 node. 

1 2- A method for transferring data according to 

2 claim 1, further comprising the steps of: 

3 measuring round trip delay from the central 

4 controller to the first node; and 

5 transmitting downlink data from the central 

6 controller to the first node. 
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1 3. A method for transferring data according to 

2 claim 2, further comprising the step of encrypting the 

3 downlink data, 

1 4. A method for transferring data according to 

2 claim 3, further comprising the step of the first node 

3 sending an encryption key to the central controller^ 

4 wherein the step of encrypting the downlink data comprises 

5 the step of encrypting the downlink data with the 

6 encryption key. 



5. A method for transferring data according to 

: claim 3, further comprising the step of the first node 

( periodically sending a different encryption key to the 

y 4 central controller, wherein the step of encrypting the 

fi 5 downlink data comprises the step of encrypting the 

w 

W 6 downlink data with the encryption key last received by the 

7 central controller from the first node. 

1 6. A method for transferring data according to 

2 claim 3, further comprising the step of detecting, by the 

3 central controller, connection failure between the central 

4 controller and the first node. 
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1 7. A method for transferring data according to 

2 claim 6, further comprising the step of detecting, by the 

3 first node, connection failure between the central 

4 controller and the first node. 

1 8. A method for transferring data according to 

2 claim 3, wherein the downlink data and the uplink data 

3 are transmitted using IEEE 802.3 Ethernet standard 

4 packets. 

^ 1 9. A method for transferring data according to 

p 2 claim 8, wherein the network is a passive optical network. 



1 10. A method of transferring data according to claim 

2 2, wherein the steps of discovering and synchronizing 

3 comprise the steps of: 

4 sending a GATE message from the central controller to 

5 undiscovered nodes, said GATE message sent to the 

6 undiscovered nodes comprising a time stamp of the central 

7 controller, a first grant start time value, a first grant 

8 length value, and a first GATE message MAC control opcode; 

9 receiving at the first node the GATE message 
10 addressed to the undiscovered nodes; 
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11 setting the internal clock of the first node to the 

12 time stamp of the GATE message addressed to the 

13 undiscovered nodes; 

14 after the setting step, sending a REGISTER_REQUEST 



15 message from the first node to the central controller 

16 between the time when the internal clock of the first node 

17 equals the first grant start time value and the time when 

18 the internal clock of the first node equals to the sum of 

Q 19 the first grant start time value and the first grant 

f1 

2 20 length value, the REGISTER_REQUEST message comprising a 

U 21 time stamp of the first node, address of the first node, 

l*^ 22 and a REGISTER_REQUEST message MAC control opcode; 

o 

W 23 in response to receiving the REGISTER_REQUEST message 

o 

24 at the central controller, sending a REGISTER message to 

25 the address of the first node, the REGISTER message 

26 comprising a REGISTER message MAC control opcode. 

1 11. A method of transferring data according to claim 

2 10, wherein the step of transmitting uplink data comprises 

3 the steps of: 

4 sending the transmission authorizations to the 

5 address of the first node, the transmission authorizations 
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6 comprising a plurality of GATE messages sent to the 

7 address of the first node, each GATE message of the 

8 plurality of GATE messages sent to the address of the 

9 first node comprising a second GATE message MAC control 

10 opcode and at least one pair of one grant start time value 

11 and one grant length value, each said pair defining one 

12 allowable uplink transmission interval; 

13 sending the uplink data from the first node to the 

t 14 central controller in response to receiving a GATE message 

M 

% 15 at the first node, each packet of the uplink data being 
1,^ 16 transmitted during an allowable uplink transmission 
1^ 17 interval. 

y 1 12. A method of transferring data according to 

2 claim 11, wherein at least one GATE message of the 
W 3 plurality of GATE messages sent to the address of the 

4 first node comprises at least two pairs of one grant start 

5 time value and one grant length value. 

1 13. A method of transferring data according to claim 

2 11, wherein the step of measuring round trip delay 

3 comprises the step of subtracting a first time stamp of 

4 the first node in a first message received by the central 

5 controller from the value of the real time clock of the 
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6 central controller at the time the first message is 

7 received. 

1 14. A method of transferring data according to claim 

2 13, further comprising the steps of: 

3 sending an encryption key from the first node to the 

4 central controller; and 

5 encrypting the downlink data transmitted by the 

1.^ 6 central controller to the address of the first node using 

g 

O 7 the encryption key. 

1 15. A method of transferring data according to claim 

2 14, wherein the downlink data is transmitted in packets, 
f% 3 each packet comprising a header and a payload, wherein 

2 4 encrypting the downlink data comprises the step for block 

6, 

ry 5 encrypting the payload of said each packet. 

6 16. A method of transferring data according to claim 

7 13, further comprising the steps of: 

8 the central controller sending a request for an 

9 encryption key to the first node; 
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10 sending an encryption key from the first node to the 

11 central controller in response to the request for an 
12. encryption key; and 

13 encrypting the downlink data transmitted by the 

14 central controller to the address of the first node using 

15 the encryption key, 

1 17. A method of transferring data according to claim 

2 14, wherein the step of sending an encryption key 

M ^ comprises the step of sending a NEW__KEY message from the 

o 

%^ 4 first node to the central controller, the NEW_KEY message 

5 comprising the address of the first node, a NEW KEY 
^ — 

g 6 message MAC control opcode, the encryption key, and an 

h 

|jj 7 identifier of the encryption key. 

6 

p 1 18. A method of transferring data according to claim 

m 

2 11 r wherein the downlink data is sent in packets, each 

3 packet comprising a header that comprises the identifier 

4 of the encryption key used to encrypt the packet. 

1 19. A method of transferring data according to claim 

2 13, further comprising the steps of: 

3 periodically sending a different encryption key from 

4 the first node to the central controller; * 
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5 encrypting the downlink data transmitted by the 

6 central controller to the address of the first node using 

7 the last received encryption key. 

1 20. A method of transferring data according to claim 

2 19, wherein: 

3 the step of periodically sending a different 



4 encryption key comprises the step of periodically sending 

5 a different NEW_KEY message from the first node to the 
O 6 central controller, each NEW_KEY message comprising the 
^ 7 address of the first node, a NEW KEY message MAC control 
^'Z 8 opcode, an encryption key, and the sequence number of the 

9 encryption key comprised in said each NEW_KEY message, the 

M 10 step of periodically sending a different NEW_KEY message 

O 

Jll 11 comprising the step of sending a first NEW_KEY message 

O 

ry 12 comprising a first encryption key and a first sequence 

13 number corresponding to the first encryption key; 



14 the downlink data is sent in packets, each packet 

15 comprising a header that comprises the sequence number of 

16 the encryption key used to encrypt the packet; 

17 the method further comprising the steps of: 
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18 monitoring the sequence numbers in the headers of the 

19 downlink packets sent to the address of the first node; 

20 and 

21 re-sending the first NEW_KEY message to the central 

22 controller if none of the monitored sequence numbers 

23 matches the first sequence number within a first 

24 predetermined time period. 

1 21. A method of transferring data according to claim 



Q 2 13^ wherein the downlink data and the uplink data are 
jfl 3 transmitted using IEEE 802.3 Ethernet standard packets, 



4^ 1 22. A method for transferring data according to 

J 2 claim 21, wherein the network is a passive optical 



w 



ri 



network. 



1 23. A method for transferring data according to 



2 claim 22, wherein 

3 the step of transmitting uplink data further 

4 comprises the step of the first node transmitting REPORT 

5 messages to the central controller, each REPORT message 

6 comprising the address of the first node, at least one 

7 request for uplink transmission of a first number of bytes 
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8 from a queue of the first node, and a REPORT message MAC 

9 control opcode; and 

10 the central controller sends the GATE messages of the 

11 plurality of GATE messages sent to the address of the 

12 first node in response to receiving the REPORT messages, 

1 24. A method for transferring data according to 

2 claim 23, wherein said each REPORT message further 

3 comprises a priority indication of the queue. 

s 

C3 1 25. A method for transferring data according to 

P 2 claim 23, further comprising the step of detecting 

■sst 

3 connection failure between the central controller and the 

4 first node. 

]g 1 26. A method for transferring data according to 

6 

py 2 claim 25, wherein the step of detecting connection failure 

3 comprises the steps of: 

4 resetting a first timer at the central controller 

5 each time a REPORT message is received from the first 

6 node; and 

7 discontinuing sending of the GATE messages to the 

8 address of the first node if the first timer reaches a 

9 first timeout value. 
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1 27. A method for transferring data according to 

2 claim 26, wherein the step of detecting connection failure 

3 further comprises the steps of: 

4 resetting a second timer at the first node each time 

5 a GATE message sent to the address of the first node is 

6 received at the first node; 

7 if the second timer reaches a second timer timeout 

8 value, repeating the steps of discovering and 
Q 9 synchronizing . 

HI 28. A method for transferring data between an 

^ 2 optical line terminal (OLT) and a first optical network 

J 3 unit (ONU) of a plurality of ONUs over a passive optical 

y A 

4 network, the method comprising the steps of: 

6 

5 the first ONU receiving a GATE message addressed to 

6 undiscovered nodes, the GATE message comprising a time 

7 stamp of the OLT, a first grant start time value, a first 

8 grant length value, and a GATE message MAC control opcode; 

9 setting the internal real time clock of the first ONU 

10 to the time stamp of the OLT; 

11 after the setting step, sending a REGISTER_REQUEST 

12 message from the first ONU to the OLT during the time 
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13 interval defined by the first grant start time value and 

14 the sum of the first grant start value and the first grant 

15 length value, the REGISTER_REQUEST message comprising a 

16 time stamp of the first ONU, the address of the first ONU, 

17 and a REGISTER_REQUEST message MAC control opcode; 

18 receiving a REGISTER message addressed to the address 

19 of the first ONU, the REGISTER message comprising a 

20 REGISTER message MAC control opcode; 

M 

P 21 receiving GATE messages addressed to the address of 

^ 22 the first ONU^ each received GATE message comprising the 

\^ 23 GATE message MAC control opcode and one or more 

J'** 24 definitions of allowed uplink transmission intervals; and 



g 25 sending uplink data packets from the first ONU to the 

tfS. 

Q 26 OLT only during the allowed transmission intervals. 



lU 



It 

1 29. A method for transferring data according to 

2 claim 28, wherein the REGISTER_REQUEST message is sent 

3 beginning at a random time Tr uniformly distributed within 

4 the time period beginning with the first grant start time 

5 value and ending with Te (the first grant start time 

6 value) + (the first grant length value) - (Ti) , where Ti is 

7 equal to the length of the REGISTER_REQUEST message. 
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1 30. A method for transferring data according to 

2 claim 28, further comprising the steps of: 

3 sending a first encryption key and a first sequence 



4 number of the first encryption key from the first ONU to 

5 the OLT, to enable the OLT to encrypt downlink data 

6 packets addressed to the address of the first ONU with the 



7 encryption key. 



1 . 31. A method for transferring data according to 

y 2 claim 30, further comprising the steps of: 

[\ 3 receiving, at the first ONU, the downlink data 

:fst 

T 4 packets addressed to the address of the first ONU, each 

Q 5 downlink data packet comprising a header comprising the 

Q 0 sequence number of the key used in encrypting said each 

7 downlink data packet; 

fy 

8 monitoring, at the first ONU, the sequence numbers in 

9 the headers of the received downlink data packets; 



10 if none of the sequence numbers in the headers of the 

11 downlink data packets received within a first 

12 predetermined period matches the first sequence number, 

13 re-sending the first encryption key and the first sequence 

14 number from the first ONU to the OLT. 
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1 32. A method for transferring data according to 

2 claim 31, wherein the downlink data packets and the uplink 

3 data packets conform to the IEEE 802.3 Ethernet standard. 

1 33. A method for transferring data according to 

2 claim 32, further comprising the step of periodically 

3 sending REPORT messages from the first ONU to the OLT, 

4 each said REPORT message requesting allocation of one or 

5 more time intervals for transmission of the uplink data 

6 packets from the first ONU to the OLT. 



yO 1 34. A method for transferring data according to 

1^ 2 claim 32, further comprising the steps of: 



^ 3 the first ONU detecting failure of connection between 

W 4 the first ONU and the OLT; and 



y 5 after detecting failure of connection between the 

rU 

6 first ONU and the OLT, the first ONU repeating, in order, 

7 the steps of receiving a GATE message addressed to 

8 undiscovered nodes, setting the internal real time clock 

9 of the first ONU, sending a REGISTER_REQUEST message from 
the first ONU to the OLT, and receiving a REGISTER message 



10 



11 addressed to the address of the first ONU. 
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1 35. A method for transferring data between an 

2 optical line terminal (OLT) and a first optical network 

3 unit (ONU) of a plurality of ONUs over a passive optical 

4 network^ the method comprising the steps of; 

5 sending a first GATE message from the OLT to 

6 undiscovered ONUs, the first GATE message comprising a 

7 time stamp of the OLT, a first grant start time value, a 

8 first grant length value, and a first GATE message MAC 
control opcode; 

receiving at the OLT a REGISTER_REQUEST message from 
the first ONU, the REGISTER_REQUEST message comprising a 
time stamp of the first ONU, an address of the first ONU, 
and a REGISTER_REQUEST message MAC control opcode; 

in response to receiving the REGISTER_REQUEST 
message, sending from the OLT a REGISTER message to the 

16 address of the first ONU, the REGISTER message comprising 

17 a REGISTER message MAC control opcode; 

18 periodically sending GATE messages to the address of 

19 the first ONU, each said GATE message sent to the address 

20 of the first ONU comprising the GATE message MAC control 

21 opcode and at least one pair of one grant start time value 
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22 and one grant length value, each said pair defining a time 

23 interval during which the first ONU is allowed to send 

24 messages to the OLT; and 

25 receiving uplink data packets from the first ONU in 

26 the time intervals during which the first ONU is allowed 

27 to send messages to the OLT. 

1 36. A method for transferring data according to 

2 claim 35, further comprising the steps of: 



3 3 receiving, at the OLT, an encryption key sent by the 



H 4 first ONU; and 



5 sending, from the OLT to the first ONU, downlink data 

?? 

'^1 6 packets encrypted with the key. 

1 37. A method for transferring data according to 

2 claim 36, further comprising the step of measuring round 

3 trip delay between the OLT and the first ONU by 

4 subtracting a first time stamp of the first ONU comprised 

5 in a first message received by the OLT from the first ONU 

6 from the value of the internal clock of the OLT at the 

7 time the first message is received by the OLT. 
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1 38. A method for transferring data according to 

2 claim 36, wherein the downlink and uplink data packets are 

3 transmitted using IEEE 802.3 Ethernet standard. 

1 39. A method for transferring data according to 

2 claim 38, further comprising the step of: 

3 receiving REPORT messages from the first ONU, each 

4 REPORT message received from the first ONU comprising at 

5 least one request for uplink transmission of a first 
p 6 number of bytes; 



7 wherein the OLT sends the GATE messages to the 

8 address of the first ONU in response to the received 

La 



9 REPORT messages 



^ 1 40. A method for transferring data according to 

^ 2 claim 39, further comprising the steps of: 

3 resetting a first timer at the OLT each time a REPORT 

4 message is received from the first ONU; and 

5 discontinuing sending of the GATE messages to the 

6 address of the first ONU if the first timer reaches a 

7 first timeout value. 
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